Repository: cxf-fediz Updated Branches: refs/heads/1.2.x-fixes 0811af185 -> 4af5680b0
FEDIZ-170 - Load keystore/truststore resources in the container plugins Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/4af5680b Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/4af5680b Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/4af5680b Branch: refs/heads/1.2.x-fixes Commit: 4af5680b046d953cfdd0f87a9191ea4657040af5 Parents: 0811af1 Author: Colm O hEigeartaigh <[email protected]> Authored: Fri Jul 15 10:57:10 2016 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Fri Jul 15 11:04:42 2016 +0100 ---------------------------------------------------------------------- .../cxf/fediz/core/config/FedizContext.java | 19 +++++++++++++++---- .../core/federation/RequestedClaimsTest.java | 2 +- 2 files changed, 16 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/4af5680b/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FedizContext.java ---------------------------------------------------------------------- diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FedizContext.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FedizContext.java index 4fc5b61..85f136f 100644 --- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FedizContext.java +++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FedizContext.java @@ -23,6 +23,7 @@ import java.io.Closeable; import java.io.File; import java.io.IOException; import java.math.BigInteger; +import java.net.URL; import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Collections; @@ -282,11 +283,16 @@ public class FedizContext implements Closeable { private Properties createCryptoProperties(TrustManagersType tm) { String trustStoreFile = null; - String trustStorePw = null; KeyStoreType ks = tm.getKeyStore(); + String trustStorePw = ks.getPassword(); if (ks.getFile() != null && !ks.getFile().isEmpty()) { trustStoreFile = ks.getFile(); - trustStorePw = ks.getPassword(); + } else if (ks.getResource() != null && !ks.getResource().isEmpty()) { + URL resource = Loader.getResource(ks.getResource()); + if (resource != null) { + // WSS4J will re-load the resource anyway + trustStoreFile = ks.getResource(); + } } else { throw new IllegalStateException("No certificate store configured"); } @@ -314,12 +320,17 @@ public class FedizContext implements Closeable { private Properties createCryptoProperties(KeyManagersType km) { String keyStoreFile = null; - String keyStorePw = null; String keyType = "jks"; KeyStoreType ks = km.getKeyStore(); + String keyStorePw = ks.getPassword(); if (ks.getFile() != null && !ks.getFile().isEmpty()) { keyStoreFile = ks.getFile(); - keyStorePw = ks.getPassword(); + } else if (ks.getResource() != null && !ks.getResource().isEmpty()) { + URL resource = Loader.getResource(ks.getResource()); + if (resource != null) { + // WSS4J will re-load the resource anyway + keyStoreFile = ks.getResource(); + } } else { throw new IllegalStateException("No certificate store configured"); } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/4af5680b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/RequestedClaimsTest.java ---------------------------------------------------------------------- diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/RequestedClaimsTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/RequestedClaimsTest.java index 79c836c..2a2ba45 100644 --- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/RequestedClaimsTest.java +++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/RequestedClaimsTest.java @@ -137,7 +137,7 @@ public class RequestedClaimsTest { KeyStoreType ks0 = new KeyStoreType(); ks0.setType("JKS"); ks0.setPassword("storepass"); - ks0.setFile("ststrust.jks"); + ks0.setResource("ststrust.jks"); tm0.setKeyStore(ks0); certStores.getTrustManager().add(tm0);
